package com.demo.workbook.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;

/**
 * @className: LoginController
 * @copyright: menusifu
 * @description: <一句话功能简述>
 * <功能详细描述>
 * @author: hubin
 * @date: 2020/11/13
 * @version: 1.0
 */
@Controller
public class LoginController {

    @PostMapping("/main")
    public String main(){
        return "redirect:view/main.html";
    }


    @PostMapping("/fail")
    public String fail(){
        return "redirect:view/fail.html";
    }




    /**
     * 通过注解的方式，校验权限
     * 需要在springboot启动类上开启注解@EnableGlobalMethodSecurity(prePostEnabled = true,securedEnabled = true)
     *
     *
     * securedEnabled = true 表示开启了@Secured注解
     * prePostEnabled = true表示开启@PreAuthorize和@PostAuthorize注解
     *
     *
     * @return
     */
    //@Secured("ROLE_test")
    //@PreAuthorize("hasRole('test')")//表示方法或类在执行之前判断权限，大多数情况下使用这个注解，注解的参数和access方法参数取值相同都是权限表达式
    //@PreAuthorize("@myVerifyPermissionsServiceImpl.hasPermission(#request,authentication)")
    //@PostAuthorize("hasAuthority('admin')")//表示方法或类执行结束后判断权限，此注解使用较少
    @RequestMapping("/todo")
    @ResponseBody
    public String todo(HttpServletRequest request){


        return "I am todo";
    }

    //@PreAuthorize("isAnonymous()")
    @RequestMapping("/godo")
    @ResponseBody
    public String godo(){


        return "I am godo";
    }

}
